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FOREWORD 

This Indian Standard was adopted by the Bureau of Indian Standards, after the draft Finalized by the Power 
System Control and Associated Communications Sectional Committee had been approved by the Electronics 
and Information Technology Division Council. 

This standard on SCADA system (Supervisory Control and Data Acquisition) provides guidelines for the 
performance analysis and application systems used for supervisory control and data acquisition for oil and gas 
pipelines covering natural gas, LPG, crude oil, multiproduct, etc, in attended or unattended stations like terminals, 
sectionalizing valve stations, compressor and pump stations. The system covered by this standard typically use 
servers, workstations, front end processors in the master stations and in Remote Terminal Units (RTUs)/Intelligent 
Electronic Devices (IEDs) at the remote stations. The SCADA provides facilities for incorporating monitoring 
and control functions in the system installed. 

For the purpose of deciding whether a particular requirement of this standard is complied with, the final value, 
observed or calculated, expressing the result of a test or analysis, shall be rounded off in accordance with 
IS 2 : 1960 'Rules for the rounding off numerical values (revised)'. The-number of significant places retained in 
the rounded off value should be the same as that of the specified value in this standard. 
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Indian Standard 

SUPERVISORY CONTROL AND DATA ACQUISITION 
(SCADA) SYSTEM FOR OIL AND GAS PIPELINE 



1 SCOPE 

1 . 1 This standard provides guidelines for the definition, 
specification, performance analysis, and application of 
systems used for supervisory control and data 
acquisition for oil and gas pipe lines, in attended or 
unattended stations like terminals, sectionalizing valve 
stations, including those associated with compressor 
stations/pump stations. Systems covered by this 
standard typically use servers, workstations, front end 
processor in the master station and RTU (Remote 
Terminal Unit), IEDs (Intelligent Electronic Devices) 
at the remote stations. Such a system provide facilities 
for incorporating monitoring and control functions, 
after the system is installed. 

1.2 The oil and gas pipe line include pipelines for 
natural gas, LPG, crude oil, muitiproduct, etc. 

2 REFERENCES 

The standards listed in Annex A are necessary adjuncts 
to this standard. 

3 TERMINOLOGY 

The definitions of various terms used in this standard 
shall be as given in IS 12746 (Part 1/Sec 3), IS 1885 
(Part 50) and all sections of IS 1885 (Part 52). 

4 FUNCTIONAL CHARACTERISTICS 

The control and data acquisition equipment governed 
by this standard may be arranged in various configura- 
tions, and may perform some or all of the functions 
identified in this clause. 

Typically, control and data acquisition equipment 
compose a system with at least one master station and 
one or more Remote Terminal Units/Intelligent 
Electronic Devices (RTUs/IEDs). Figure 1 illustrates 
the possible data and control flow between a master 
station and one or more RTUs/IEDs. 

4.1 Typical Equipment Functional Diagrams 

Functional diagrams of typical RTU and master station 
equipment and configurations are described below: 

The links between the master station(s) and RTUs, and 
between the sub-master RTU and itsislave RTUs, can 
be any suitable communication media but in case of a 
cross-country pipeline the same is recommended to 



be OFC (Optical Fibre Cable) based dedicated 
communication system. In case the OFC based 
dedicated system is not practical then lease line 
communication network or any other communication 
network such as satellite based communication, radio 
communication, etc, are recommended to be used for 
control functionality. However if only monitoring of 
data is envisaged at intervals (not in real time) and no 
real time control operation is to be performed in that 
case dial-up line can also be used. The communication 
protocol typically used requires a master station to 
initiate message transactions. In some cases the RTU 
can initiate the communication messages. For 
additional communications protocol information, see 
IEC 60570-5-101, IEC 60870-5-104 or DNP 3.0, etc. 

The functional components of a master station are 
illustrated in Fig. 2. A dual server with hot standby 
master station is illustrated in Fig. 2, however, a single 
server master station may be adequate for some 
applications. In case of a cross-country pipeline it is 
recommended to go for dual master stations with 
emergency master station at some different location 
to cater to emergency like fire, etc. However, user 
may decide requirement of dual master station 
depending upon complexity and criticality of the 
pipeline network. 

There may be different master stations (regional) 
collecting data from different pipeline network and a 
central master station which is updated with data from 
all the other regional master stations so that the entire 
data is available at a central place as illustrated in 
Fig. 3. 

If the data is required to be viewed from different sites 
it is preferable to have WEB enabled system so that 
data can be viewed using intranet. The WEB enabled 
system should have the information security features 
like firewalls, intrusion detection system, etc. Also if 
the control functions need to be executed from different 
sites provision should be there for extending remote 
workstations. Separate history server may be used for 
historical data recording. Separate application server 
may be kept for running different pipeline applications. 
Auxiliary storage devices may be kept for routine 
backup of the system, 

If required, a network time server (GPS) can be 
installed to synchronize entire network. 
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Block Diagram 



The functional components of an RTU are illustrated 
in Fig. 4. Various interconnections of master station(s) 
and RTU(s) are illustrated in Annex B. 

4.2 System Functional Characteristics 

This clause provides guidance for helping both users 
and suppliers jointly define the functional capabilities 
that may be in a system. 

Each generic function is described in terms of the 
minimum features or characteristics that shall be 
addressed to adequately define the function. 

When the feature or characteristic is fixed by the design 
of the equipment, the burden of definition rests on the 
supplier (for example, number of inputs/outputs per 
card). However, variable features (for example, scaling 
resistors, switch settings, and software) shall be jointly 
defined by the user and the supplier. 

4.2.1 Communication Management 

The requirements to communicate between the master 
station(s) and the RTUs shall be well defined. See IEC 
60870-5-101, IEC 6O870-5-104 or DNP 3.0 for an 
example of the definition of a communication protocol. 
The topics to be defined include: 

a) Message protocol; 

b) Number of channels; 

c) Channel considerations; 

d) Channel switching; 

e) Number of RTUs per channel and/or channels 
per RTU; 



h) 

J) 
k) 



f) Communication error reporting, failure 
criteria, and recovery; 

g) Channel quality monitoring (normal and 
backup); 

Channel diagnostic/test provisions; 

Equipment interfaces; 

Report-by-exception polling; and 

m) Point scan/RTU scan on demand. 

4.2.2 Data Acquisition 

The characteristics for each data type shall be defined. 
Ranges of data input, scale factors, rates, and accuracy 
shall be defined for the data types to be supported 
such as: 

a) Analog inputs, 

b) Status inputs — two state 

Status inputs — more than two state (more 
than two state status inputs are accomplished 
by using multiple two state status inputs), 

c) Status inputs — with memory, 

d) Accumulator pulse inputs, 

e) Sequence-of-events inputs, and 

f) BCD inputs-multi-bit. 

The data acquisition capability for each data type shall 
be defined in terms of the following characteristics: 

a) Scan groups — Number of scan groups size 
of each group, points in each group. 

b) Scan cycle — Time to complete the acquisition 
of a scan group from all remotes on the 
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Fig. 4 Remote Terminal Unit Functional Block Diagram 



communication channel. The communication 
hardware related performance capabilities used 
in the calculation of scan cycle shall be defined. 

4.2.2.1 RTU data 

The capacity (total inputs) and rate of acquisition 
(inputs per second) for field data interfaced to the RTU 
equipment shall be defined for all applicable data types 
{see 5.4). 

The modularity (for example, minimum number of 
inputs per card) of each data type shall also be 
specified. 

4.2.2.2 Master station data 

The capacity (total inputs) and rate of acquisition 
(inputs per second) for local or RTU data interfaced to 
master station equipment shall be defined for all 
applicable data types {see 5.4). ' 

4.2.3 Data Processing 

Data processing capabilities shall be defined for each 
equipment item and all applicable data types. Systems 
with report-by-exception functions shall have the 
capability to report all data for initialization and 
periodic update purposes. 

4.2.3.1 Analog data 

Analog data is used to describe a physical quantity (that 



is, pressure, temperature, flow density, specific gravity, 
etc) that normally varies in a continuous manner. 

The analog data processing options to be supported 
at both the master station and the RTU shall be 
defined. This is the responsibility of both the user 
and supplier. Particular attention shall be given to 
input data validity processing (for example, the 
validity of the data) and to the interface between the 
supervisory control function and the analog data 
processing function. 

a) Data input scaling shall give adequate 
consideration to off-normal operation of the 
system (for example, pressure out of range). 

b) Data change detection may be a function 
included as an alternative to processing every 
input on every scan. Data change detection is 
accomplished by testing to see if the new 
value for each input is within N digital counts 
(for example, dead band) of the last stored 
value for that input. The new value shall 
replace the last stored value only if the 
dead band was exceeded and then the input 
will be further processed as defined below. 
When the data change detection function is 
included, the following characteristics shall 
be defined: 

Location of processing, RTU or master 
station, or both. 
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c) Data filtering may be required to smooth data 
before it is used by other functions. When this 
function is included, the equation used shall 
be defined and the time delay, introduced by 
the filtering, specified. 

d) Data limit checking is typically included to 
determine if other downstream functions, 
such as alarm detection, or further processing 
are required. The number of high or low limits 
accommodated and associated return-to- 
normal dead band processing shall be defined. 

. Specific attention shall be given to the 
procedure for user specification and revision 
of limit and dead band values. 

e) The data report-by-exception function is used 
to eliminate communication of unchanged 
data from the RTU(s) to the master station. 
Its input is received from the change detection 
function. When the analog data report-by- 
exception function is included the following 
characteristics shall be defined: 

1) Percent of analog changes per scan that 
results in the channel load associated with 
reporting all analog points from the RTU. 

2) Description of logic in the master station 
that can be used to select between using 
the analog data report-by-exception 
function or report-all-analog data 
functions when acquiring analog data 
from each RTU. 

f) Data conversion to engineering units is 
typically required before analog data is used 
by other software, printed, or displayed as 
output. The mathematical equation(s) used to 
convert analog values represented by digital 
counts into the corresponding engineering 
units shall be defined. Specific attention shall 
be given to sensor and transducer scale factors 
that may be provided by the user. 

g) Bad data techniques shall be defined that are 
used to: 

1) Detect an open input to an analog 
channel, 

2) Identify reasonable values, 

3) Detect a drifted or faulty A/D converter, 
and 

4) Automatically calibrate an analog 
channel. 

4.2.3.2 Status data 

Status data is used to describe a physical quantity (for 
example, device position) that has various possible 
combinations of discrete states. The information 
content of a digital signal is expressed by discrete states 



of the signal such as the presence or absence of a 
voltage, current, or a contact in the open or closed 
position. 

The status data processing options to be supported at 
the master station and the RTU shall be defined. This 
is the responsibility of both the user and supplier. 
Particular attention shall be given to input data validity 
processing, and to the interface between the 
supervisory control function and the status data 
processing function: 

a) Data change detection may be a function 
included as an alternative to processing every 
input on every scan. Data change detection is 
performed by testing to see if the current state 
is the same as the last stored state for that 
input. Changed data shall replace the last 
stored value and the point, or group of inputs, 
shall be routed to other functions such as data 
report-by-exception, alarm processing, or 
both. When the data change detection function 
is included, the following characteristics shall 
be defined: 

1) Location of processing (RTU or master 
station), 

2) Quantity of data reported when a single 
input changes, 

3) Minimum signal duration to be 
considered a change, and 

4) Security against loss of change data. 

b) Data report-by-exception function is used to 
eliminate unnecessary communication of 
unchanged data from the RTU(s) to the master 
station. Its input is received from the change 
detection function. When the status data 
report-by-exception function is included, the 
following characteristics shall be defined: 

1 ) Percent of status point changes per scan 
that result in the channel load associated 
with reporting all status points from the 
RTU. 

2) Description of logic in the master station 
or RTU that can be used to select between 
using the status report-by-exception or 
the report all status data function when 
acquiring status data from each RTU. 

c) Status* with memory may be a function 
implemented in the RTU. When this function 
is included, the number of status changes 
accommodated and legal bit combinations 
supported by the design shall be defined. 

4.2.3.3 Accumulator data 

The following characteristics shall be defined when 
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pulse accumulation and/or accumulator data processing 
is included: 

a) Input circuit (two or three terminal arid how 
input circuit operates); 

b) Sources of freeze command, if any (internal/ 
external); 

c) Ranges of values (RTU and master station); 

d) Nominal and maximum counting rates; 

e) Source of memory power; 

f) Input voltage, if externally powered; and 

g) Reset command (if any). 

4.2.3.4 Sequence-of-events (SOE) data 

The following characteristics shall be defined when 
SOE data acquisition capability is included: 

a) Time resolution at RTUs; 

b) Method of system time synchronization; 

c) Time accuracy between any two RTUs; 

d) Number of SOE inputs per RTU; 

e) Size of buffers (number of SOE events that 
can be stored) per RTU; 

Time (minimum/maximum) between 

successive change(s) of an input; 
g) Method of indicating that SOE data is 

available at the RTU; 
h) Data filter time constant and accuracy (for 

example, contact de-bounce); 
j) Data time skew (introduced by de-bounce 

filters); and 
k) Number of SOE events that can be transferred 

to the master station in one communications 

transaction. 

4.2.3.5 Computed data 

The following characteristics shall be defined when 
the capability of computing data (which are not directly 
measured) is included: 

a) Location (RTU or master station); 

b) Equations supported; 

c) Resulting data types (numeric or logical, or 
both); and 

d) Downstream functions (for example, limit 
checking). 

4.2.3.6 Alarm data 

The following characteristics shall be defined when 
the capability to process and report alarm conditions 
is included: 

a) Conditions reported as alarms; 

b) Methods of acknowledgment (single or 
groups); 



c) Methods of highlighting alarms (for example, 
flash, tone, etc); 

d) Information in alarm messages; 

e) Hierarchy of alarms (priority level); 

f) Size of alarm queue(s); 

g) Queue management (for example, time 
ordered); and 

h) Alarm limit(s). 
4.2.3.7 Digital fault data 

The RTU(s) and their microcomputers are sophisticated 
enough that they can monitor variations in data at such 
a rate as to be able to record data for pre-fault, fault, 
and post-fault analysis. The following characteristics 
shall be defined when the capability to process and 
report digital fault data is included: 

a) Samples, 

b) Number of data points per fault, 

c) Maximum buffer size (total samples to be 
stored), 

d) Sample triggers, 

e) Number of faults to be reported and stored, 
and 

f) Means of reporting digital fault data. 

4.2.4 Supervisory Control Characteristics 

When the capability to remotely control external 
devices and processes is provided, the characteristics 
of such a control capability shall be defined (see 5.4). 
Definition of characteristics common to all control 
interfaces shall include following and a time out alarm 
also in case control is not executed: 

a) Control sequence description, 

b) Type of checkback message (echo or re- 
encoded), 

c) Security of control sequences, 

d) Immediate operate controls, 

e) Broadcast controls, and 

f) Time out alarm. 

4.2.4.1 Equipment control with relay interface 
Control using a relay output shall be defined as follows: 

a) Dwell time of relay contacts; and 

b) Number of relays that can be simultaneously 
energized in each type of RTU processing 
actions (for example, logging and alarm 
suppression). 

4.2.4.2 Equipment control with setpoint interface 

Control using a setpoint output shall be defined as 
follows: 
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a) Resolution of setpoint value; 

b) Duration of output value; 

c) Processing actions (for example, limit check, 
equation, and alarms); and 

d) Electrical interface. 

4.2.4.3 Equipment/Process control with electronic 
interface 

Control using an electronic interface shall be defined 
as follows: 

a) Timing diagram of signals; 

b) Interface communication protocol; 

c) Processing actions associated with control; 
and 

d) Physical interface. 

4.2.5 Automatic Control Functions 

When the capability to automatically control external 
devices provided the characteristics of such control 
capabilities shall be defined as follows: 

a) Location of automatic control logic (RTU or 
master station); 

b) Control equation(s); 

c) Feedback value and accuracy, if closed 
loop; 

d) Frequency of execution; 

e) User alterable control parameters; 

f) Associated logging or alarming; and 

g) Method of altering control logic. 

4.2.6 User Interface Characteristics 

User interface functions shall be defined when the 
capability to support operating or maintenance 
personnel at the master station. The interface functions 
shall be defined in 4.2.6.1 to 4.2.6.4. 

4.2.6.1 Control of equipment functions 

When operator controllable functions are included the 
applicable characteristics shall be defined for the 
included functions, such as: 

a) Control output options 

1) Enable/disable, 

2) Tagging (types and uses), 

3) Local/remote, and 

4) Open (off)/close (on). 

b) Control of data acquisition 

1) Enable/disable scan (inputs or stations), 

2) Enable/disable processing, 

3) Manual entry of data, 

4) Change scan frequency by group, and 



5) Assign/re^assign data to a group. 

c) Control of data processing 

1) Setting date and time, 

2) Setting input change limits, 

3) Defining formats, 

4) Defining conversion data, 

5) Defining operator override values, and 

6) Defining normal/abnormal status/data 
quality status. 

d) Control of alarm processing 

1) Enable/disable individual alarms, 

2) Enter/edit alarm limit value(s), 

3) Enter/edit alarm dead band value(s), 

4) Enter/edit return-to-normal criteria, 

5) Enter/edit alarm assignment to area of 
responsibility, 

6) Enter/edit alarm priority, 

7) Acknowledge alarms (individual/ 
page), 

8) Silence audible alarm, 

9) Inhibit alarms, and 

10) Override invalid alarms. 

e) Control of function checks 

1) Enable/disable, and 

2) Change frequency. 

f) Control of automatic control functions 

1) Enable/disable, 

2) Modify criteria, 

3) Add/delete control functions, and 

4) Reset to reference level or position. 

4.2.6.2 Display functions 

The applicable characteristics shall be defined when 
the following formats are included: 

a) Generation of display formats 

1) Format definition capabilities, 

2) Use of colours, 

3) Use of special features (flash, reverse 
video, etc), 

4) Control level of detail (declutter), 

5) Display call-up time, and 

6) Use of features (pan, zoom, windowing, 
etc). 

b) Standard formats 

1) Index formats, 

2) System formats, 

3) Communication channel format, 

4) Summary of inhibited alarms, 

5) Input point profile formats, 
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6) Alarm summary, 

7) Tag summary, 

8) Abnormal summary, 

9) Override summary, and 
10) Station notes format. 

c) Control of cursor 

1) Cursor operation, 

2) Selection of formats, 

3) Response time, 

4) Update cycle (from database), 

5) Paging of multi-page formats, and 

6) Selection of declutter (zoom) levels. 

4.2.6.3 Digital and analog display functions 

When such display devices are supported the applicable 
characteristics shall be defined as follows: 

a) Digital displays 

1) Numeric range with decimal, and 

2) Update frequency. 

b) Analog displays 

1) Ranges, and 

2) Update frequency. 

4.2.6.4 Hard copy functions 

When support of hard copy devices is required such 
as loggers, video copiers, etc, the applicable 
characteristics shall be defined as follows: 

a) Device assignments 

1) Initial, 

2) Automatic re-assignment, and 

3) Manual re-assignment. 

b) Generation of log formats 

1) On-line/batch capabilities, 

2) Symbols supported, and 

3) Spooling capabilities. 

c) Demand logs 

1) Standard/Customised formats, and 

2) Time for response. 

d) Logged activities 

1) Alarms; 

2) Standard events (for example, user and 
device actions); 

3) System events (for example, equipment 
failover and communication failure); and 

4) Output from diagnostic routines. 

e) Device performance 

1) Print speed (characters/second), 

2) Print quality (dots/inch), and 

3) Colour requirements. 



4.2.7 Sub-master RTU 

An RTU can act as a master station with respect to 
other slave RTU(s) and Intelligent Electronic Device(s) 
[IED(s)]. The master station functions allocated to such 
sub-master RTU shall be defined using the applicable 
preceding subclauses. This is the responsibility of both 
the user and supplier. The user shall define the 
applicable characteristics as follows: 

a) Database, 

b) Communication protocol, 

c) Point configuration, 

d) Scan interval, 

e) Downloading characteristics, and 

f) Other characteristics defined in this standard 
that may be applicable. 

4.2.8 Backup and Failover 

It is common practice today to failoyer a system by 
switching peripherals or the total computer subsystem 
in order to recover from a peripheral or computer 
failure. In a distributed computer implementation, 
functions may be re-allocated to recover from a 
hardware failure. The applicable characteristics shall 
be defined when both primary and backup facilities 
are provided as follows: 

a) Database backup 

1) Data residency (bulk or main memory), 

2) Frequency of backup (by data type), and 

3) Other uses of backup facilities. 

b) Database update 

1) Data residency (bulk or main memory), 

2) Frequency of update (by data type), and 

3) Other uses of update facilities. 

c) Failure monitoring 

1 ) Method of failure detection, 

2) Response time for detection, and 

3 ) Effect on a programme or task in progress 
when fail over occurs. 

d) Failover 

1) Method of failover, 

2) Time required for failover, 

3) User interface response following 
failover, 

4) User actions following failover, and 

5) Effect on a programme or task in progress 
when failover occurs. 

4.2.9 Historical Data 

The appropriate characteristics shall be define when 
the capability for historical data archiving and retrieval 
is included as follows: 
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a) Data quantities, 

b) Data intervals, 

c) Number of data intervals, 

d) Method of file management, 

e) Method of data archiving, 

f) Method of data retrieval, and 

g) Data usage (for example, displays, reports, 
applications, etc). 

4.2.10 Local Networks 

Local area networks may be used to provide data 
exchange capability between the different functions 
at a site (for example, IEDs, RTUs, etc). When the 
capability of ;a local area network is included, the 
characteristics of such communication capability shall 
be defined as follows: 

a) Bit rate, 

b) Electrical interface (for example, 1 0/ 1 00 Base 
T, RS-232, RS-485, etc), 

c) Equipment to be interconnected, 

d) Transfer rate (bytes per second), 

e) Protocols (for example, Ethernet, TCP/IP, 
etc), 

f) Redundancy, and 

g) Reliability (for example, sectionalizing for 
isolating failures). 

4.2. 1 1 Third Party Interface 

The system should be compliant with user defined open 
interface like ODBC (Open Data Base Connect), etc 
for the integration of third party software/hardware. 



5 INTERFACES 

The control and data acquisition equipment shall have 
interfaces as described in this clause. The interfaces 
described consist of those illustrated in Fig. 5. 

5.1 Mechanical 

5.1.1 Enclosures 

Equipment enclosures shall be suitable for the proposed 
environment. Enclosures should therefore conform to 
the relevant IP Classification tests as per IS 13947 
(Part 1). 

5.1.2 Electromagnetic Compatibility (EMC) and 
Special Requirements 

The location of access doors, enclosure mounting 
requirements, temperature/ventilation requirements, 
terminal-block type and location, cable entry locations, 
and special cabling and connector requirements should 
be specified for individual applications. 

Electromagnetic Interference (EMI) and Radio 
Frequency Interference (RFI) characteristics of 
enclosures should be determined in conformance 
withlEC 60870-2-1 (1995) for minimum Jevel 2 
requirements. 

5.2 Grounding 

Control and data acquisition equipment shall not 
ground a floating power source. Care shall be exercised 
to ensure ground compatibility when grounded power 
sources are used. The code of practice for earthing may 
be referred as given in IS 3043 and IEEE Green Book 
Standard 142: 1991. 



Electrical Power 
Interfaces (see 5.3) 



User Interfaces 
(see 5.6) 



Grounding 
Interfaces (see 5.2) 
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Fig. 5 Manual and Supervisory Control Equipment Interface Block Diagram 
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5.2.1 Safety or Equipment Ground 

The safety or equipment ground protects personnel 
from injuries caused by live or hot conductors coming 
in contact with the equipment cabinet or enclosure. 
The ground conductor shall be bundled with the power 
conductors, but be insulated from the power conductors 
and from other equipment and conduit. The ground 
conductor is usually terminated in the cabinet 
enclosure, and grounded only at the same point that 
the electrical service or UPS neutral is grounded. All 
cabinets and/or enclosures comprising any control or 
data acquisition equipment shall be grounded together 
by means of a ground cable or strap. 

Any buildings or allied structures for keeping all 
cabinets and/or enclosures comprising any control or 
data acquisition equipment shall be protected from 
lightening and code of practice for protection against 
lightening may be referred as given in IS 2309. 

Additionally, metal decking or other electrical paths 
should be grounded only at the same point that the 
electrical service or UPS is grounded. Safety or 
equipment grounds shall be established in accordance 
with SP 30. 

5.2.2 Signal or Instrumentation Circuit Ground 

The signal or instrumentation circuit ground shall be 
connected to an external ground at a single point so 
that ground loop conditions are minimized. The 
shielded wire, drain wire, and/or ground wire of input/ 
output cables shall be terminated at one ground point 
in each cabinet. These ground points shall be 
connected together and connected to the facility 
ground. Caution shall be used to prevent inadvertent 
ground paths from devices such as convenience 
outlets, conduit, structural metal, test equipment, and 
external interfaces. 

A special caution on filtering is worth noting. If the 
noise is shunted to the signal ground, then it becomes 
another source of signal reference corruption. 
Sometimes separate power, noise, digital, and analog 
ground buses are necessary. However, the NEC 
requirement for a single point safety grounding source 
shall always be met. A very important design rule isto 
keep all signal reference voltages, at all frequencies of 
operation, as close to zero as possible (that is, at zero 
voltage signal reference). 

5.2.3 Electrical Ground 

The station power source shall be grounded in 
accordance with the NEC. 

5.3 Electrical Power 

The electric power interfaces to control and data 



acquisition equipment shall meet the following 
requirements: 

a) The alternating current source defined below 
may originate directly from the station source 
or from a regulating/uninterruptible power 
supply. 

b) Equipment operating on direct current shall 
not sustain damage if the input voltage 
declines below the lower limit specified or is 
reversed in polarity. 

5.3.1 Master Station 

Master station equipment shall be capable of operating 
without error or damage with one or more of the 
following source voltage ranges: 

a) 230 V ac single phase or three phase ±10 
percent at 50 Hz ±3 percent, 

b) 21 to 29 V dc (24 V dc nominal), and 

c) 42 to 58 V dc (48 V dc nominal). 

5.3.2 Remote Station 

Remote station equipment shall be capable of operating 
without error or damage with one or more of the 
following source voltage ranges: 

a) 230 V ac single phase ±0 percent at 50 Hz 
±3 percent, 

b) 2 1 to 29 V dc (24 V dc nominal), 

c) 42 to 58 V dc (48 V dc nominal), and 

d) 10 to 16 V dc (12 V dc nominal). 

5.3.3 Power Quality 

Station power shall be of such quality (free from noise, 
spikes, etc) to be suitable for use as a source to elec- 
tronic equipment. The user and supplier shall both be 
responsible for conditioning (as required) the electric 
power for use by SCADA equipment. The one end of 
ac power supply to master station for SCADA system 
should be grounded with isolating transformer. 

5.3.4 Internal Noise 

The control and data acquisition Equipment internally 
generated electrical noise, from 1 000 to 10 000 Hz, 
appearing on the power source terminals shall be less 
than 1.5 percent (peak to peak) of the external power 
source voltage. This is measured into an external power 
source impedance of 0.1 co minimum. 

5.4 Data and Control Interfaces 

Data and control interfaces consist of electrical 
interconnections between control and data acquisition 
equipment and the device being monitored and 
controlled. Two types of signal paths are defined as 
follows: 
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a) Data paths — Inputs to data acquisition or 
supervisory control equipment, and 

b) Control paths — Outputs from data 
acquisition or supervisory control equipment. 

For each input (data) or output (control) path, various 
signal characteristics shall be defined to specify the 
interfaces between equipment. 

Data and control signal cabling, which are external to 
control and data acquisition equipment, are not specified. 

5.5 Communication 

5.5.1 Master Station/RTU Links 

Communication interfaces consist of functional, 
mechanical, and electrical interconnections between 
control and data acquisition equipment and the 
communication apparatus. Any specific application 
requires one of the two following types of general 
signal interfaces. 

Signal interfaces between the control and data 
acquisition equipment and the data communication 
equipment (for example, a data modem) occur 
whenever the data communication equipment is not 
packaged as an integral part of the control and data 
acquisition equipment, as illustrated in Fig. 6. 



Signal interfaces between the control and data 
acquisition equipment and a communication channel 
are illustrated in Fig. 7. 

Subsequent clause define specific signal characteristics 
for these mentioned interfaces. However, one of the 
characteristics is common to both types of interfaces 
and shall be measured regardless of the configuration 
utilized. This characteristics is; 

Channel bit error rate is measured between data 
communication equipment and control and data 
acquisition equipment. Due to the variety of 
channel and modem qualities available and in use, 
an average value of 1 bit error in 10 6 bit is 
recommended for design and analysis purposes. 

5.5.2 Sub-master/Slave RTU Links 

The sub-master/slave RTU links shall consist of at least 
one communication link to a master station as well as 
at least one additional link to slave RTUs, or a link to 
a distributed RTU module of the same RTU, or a link 
to an Intelligent Electronic Device (IED). 

5.5.2.1 Sub-master RTUs 

The communications link(s) to the master station(s) is 
identical to that described in 5.5.1. 



CONTROL AND DATA 

ACQUISITION 

EQUIPMENT (1) 




DATA 

COMMUNICATION 

EQUIPMENT (2) 

(data modem) 




COMMUNICATION 
CHANNEL (3) 







NOTES 

1 This equipment is called data terminal equipment (DTE) in the standards referenced. 

2 This equipment is commonly called a data modem, but called data communication equipment (DCE) in referenced standards. 

3 Channel includes microwave, radio, cable, fiber optic types, etc. 

Fig. 6 Signal Interfaces Between Control and Data Acquisition Equipment 
and Data Communication Equipment 



CONTROL AND DATA 

ACQUISITION 

EQUIPMENT (1) 



COMMUNICATION 
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NOTES 

1 Data modem is packaged as an integral part of this equipment. 

2 Channel includes microwave, radio, cable, fiber optic types etc. 

Fig. 7 Signal Interfaces Between Control and Data Acquisition Equipment 
and Communication Channel 
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5.5.2.2 Remote terminal units 

The communication links to slave RTUs is similar to 
that described in 5.5.1, except that the role ofthe master 
station is assumed by the sub-master RTU. 

5.5.2.3 IEDs 

The interface described in 5.5.1 is typical. These 
interfaces vary among IED suppliers and therefore 
coordination and specific definitions may be required 
when interfacing with IEDs. Further, the user is 
cautioned that the master station RTU protocol may 
not support the acquisition of data from, and thejcontrol 
of, the IEDs. 

5.6 User Interface (UI) 

The user interface is defined as the user contact with 
the control and data acquisition equipment. 

The user interface for operation concerns standards 
and recommendations for information displays, control 
capabilities, colours, and user interaction with the 
equipment and is given below. 

5.6.1 Information Displays 

Characters used by printers, loggers, and illuminated 
displays shall have unique codes so that their display 
may be electrically initiated. The alphanumeric 
characters and their corresponding codes as defined in 
IS 103 15 shall be used to represent alphanumeric data 
at the user interface. A set of graphic symbols shall be 
part ofthe system. The capability to create additional 
graphic symbol and graphics by the user is to be 
provided. 

5.6.2 Control Capabilities 

The capabilities provided for operator inputs at the user 
interface are defined as the control capabilities. The 
control capabilities may include a combination ofthe 
following: 

a) Keys and switches (alphanumeric or function, 
or both); 

b) Cursor (mouse, trackball, joy stick, or key 
controlled); 

c) Light pen; 

d) Poke points (defined monitor displayed 
control selection fields); and 

e) Pull down or pop up jtnenus. 

The user's input to the UI equipment shall be 
recognized and acknowledged (valid or invalid) to the 
operator within 0.5 s. The UI equipment shall confirm 
control actions using the reencoded checkback message 
from the RTU within 2 s. 

When labelled function push buttons are included in 



control and data acquisition equipment, the labels shall 
be legible from a distance of approximately 1 m in the 
user specified environment. When lighted push buttons 
are included, the significance ofthe state ofthe light 
(on, off, blinking) shall be clearly defined and shall be 
consistent throughout the system. 

Control push buttons (for example raise, lower, trip, 
open, and close) shall be within convenient viewing 
distance of the information display that will be used 
during the control operation. 

5.6.3 Colour Codes 

The standard meanings for colours (for example, 
monitor displays, status lights) used at the UI to 
highlight the condition of device monitored and 
controlled through control and data acquisition 
equipment shall be defined by users. 

The significance of colours shall be consistent 
throughout the system. 

The color status of a device under operator control shall 
only change to its new state (may include attributes 
such as colour and shape change, flashing, etc) after 
the status ofthe device has changed. 

5.6.4 Interactive Dialogue 

The activity at the UI during operational use of control 
and data acquisition equipment shall be clearly described 
and shall be consistent throughout the system. 

5.6.5 Alarms 

When alarm conditions detected by control and data 
acquisition equipment are first interfaced to the user, 
both an audible (voice, tone, or bell) and visual 
(flashing light or symbol) annunciation shall be 
presented. It shall be possible to silence the audible 
alarm without affecting the visual annunciation. The 
visual indication of each alarm condition shall remain 
as long as the alarm condition exists. 

5.6.6 Dialogue During Control 

The selection of a point for a user control action shall 
result in a visual feedback at the user interface. This 
positive feedback to the user shall signify that the 
control and data acquisition equipment is ready to 
accept a control action. The results ofthe control action 
(check-before-operate or direct operate) shall be 
displayed only after a status change has been received 
from the RTU equipment. 

6 ENVIRONMENTAL CONDITIONS 

This clause contains a definition of the environment 
in which control and data acquisition equipment is 
required to operate. 
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There are unusual conditions that, where they exist, 
shall receive special consideration. Such conditions 
shall be brought to the attention of those responsible 
for the application, manufacture, and operation of the 
equipment. Devices for use in such cases may require 
special construction or protection. The user should 
specify those special physical requirements that apply 
to specific locations. Examples are: 

a) Damaging fumes or vapours, excessive or 

abrasive dust, explosive mixtures of dust or 

gases, steam, salt spray, excessive moisture, 

or dripping water; 

Abnormal vibration, shocks, or tilting; 

Radiant or conducted heat sources; 

Special transportation or storage conditions; 

Unusual space limitations; 

Unusual power limitations; 

Unusual communication limitations; 

Unusual operating duty, frequency of operation, 

difficulty in maintenance; 

Altitude of the operating locations in excess 

of 1 000 m; 

Abnormal electromagnetic interference; and 
m) Abnormal exposure to ultraviolet light. 

6.1 Environment 

6.1.1 Ambient Temperature and Humidify Conditions 

Ambient temperature and humidity are defined as the 
conditions of the air surrounding the enclosure of the 
equipment (or the equipment itself, if it uses open rack 
construction) even if this enclosure is contained in 
another enclosure or room. 



b) 
c) 
d) 
e) 

g) 
h) 

J) 
k) 



For temperature and humidity parameters by operating 
location, see Table 1. This table is a guideline to 
establish five equipment classification groups. 
Equipment designated to be in a specific group shall 
meet all conditions set forth in that group. 

Equipment subjected to temperature and humidity 
variations outside of the first four group classifications 
listed in Table 1 will require special consideration. 
Methods to resolve these problems include the 
following: 

a) Low temperature — A thermostatically 
controlled heater strip should be used in the 
cabinet enclosure or use wide temperature 
range equipment. 

b) High temperature — A sun shield, some other 
cooling method, or wide temperature range 
equipment should be used. 

c) High humidity — Heater strips or special 
shelters should be used. 

d) Low humidity — A humidifier should be used 
to maintain acceptable humidity levels. 

e) Temperature. restrictions — If it is necessary 
to use heating/cooling equipment to meet the 
parameters set forth in Table 1 , the equipment 
should be so marked by a warning sign and 
a warning statement in the associated 
documentation. 

6.1.2 Dust, Chemical Gas and Moisture 

Suppliers shall be made aware of the presence of 
atmospheric pollutants so that special provisions for 
protection can be made where necessary. 



Table 1 Operating Temperature and Humidity by Location 

{Clause 6.1.1) 



SI 


Equipment 


Typical Location of the 


Humidity Operating 


Temperature 


Allowable Rate of 


No. 


Group 


Equipment 


Range (percent 


Operating Range 


Change of Temperature 








Relative Humidity) 


°C 


°C/h 


(1) 


(2) 


(3) 


(4) 


(5) 


(6) 


i) 


(l)(a) 


In a building with air-conditioned 
areas 


40-60 


+20 to +23 


5 


ii) 


0)(b) 


In a building with air-conditioned 
areas 


30-70 


+15 to +30 


10 


iii) 


(2) 


In a building with heating or 
cooling but without full air- 
conditioning 


10-90 
without condensation 


+5 to +40 


10 


iv) 


(3) 


In a building or other sheltered 
area without special 
environmental control 


10-95 
without condensation 


to +55 


20 


v) 


(4) 


Outdoors or location with wide 
temperature variations 


10-95 
without condensation 


-25 to +60 


20 


vi) 


(5) 


Extremes outside the above 


User to specify 


User to specify 


User to specify 








{see 6.1.1) 


{see 6.1.1) 


{see 6.1.1) 
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In groups (1), (2), and (3) of Table 1, all equipment 
cabinets that are vented shall have dust filters. In 
groups (3) and (4), equipment that is exposed to 
moisture, corrosive and explosive gases, or other 
unusual environmental conditions shall have a special 
enclosure. Available types of enclosures for various 
conditions are specified in IS 13947 (Part 1). 

Consideration should be .given to possible 
contamination inside the enclosure during storage and 
transit, and also when the enclosure is opened for 
maintenance or repairs. 

6.1.3 Altitude 

The equipment shall be suitable for operation at 
altitudes up to at least 1 000 m. 

6.1.4 Ultraviolet (UV) Light Exposure 

Suppliers shall be made aware of the expected level of 
exposure to ultraviolet radiation attributable to sun- 
light where equipment is to be installed outdoors. 
Equipment cabinets, paint finishes, and jacket material 
of any exposed cabling shall be sufficiently treated to 
resist damage or degradation due to UV exposure. The 
user shall supply information pertaining to altitude 
above mean sea level and the anticipated average daily 
hours of direct exposure to sunlight. 

6.2 Lightning and Switching Surge Protection 

The purpose of this subclause is to describe design 
criteria and recommend practices that will minimize 
the adverse consequences of exposure to lightning 
discharges and switching surges. Effective protection 
can only be accomplished through a combination of 
adequate design and proper installation and should be 
in conformance with IEC 60870-2-1 for minimum 
level 2 requirements. 

6.2.1 Design Criteria 

The basic design goal for achieving protection from 
lightning and switching surges shall be that of keeping 
any abnormal voltage or current, or both, out of the 
equipment cabinets. 

6.2.1.1 Voltage surges 

Voltage surges can enter the cabinet and cause damage. 
Equipment failures resulting from such damage should 
be fail-safe. Logic designs should be such as to 
minimize the possibility of false or improper operation 
of field devices. Partial failures that do not disable the 
equipment but can reduce or eliminate security 
features, such as error checking in communication cir- 
cuits, shall be detected and cause the blocking of 
control outputs to prevent false operations of field 
devices. 



6.2.2 Installation Criteria 

The basic installation goal for achieving protection 
from lightning and switching surges shall be to 
minimize the exposure of all connecting wires and 
cables. 

6.2.2.1 Power, signal and communication circuits 

Power, signal, and communication circuits provide a 
path through which lightning and switching surges 
enter equipment. Circuits totally within a protected 
building can generally be installed without regard to 
these external effects. These circuits may still be 
subjected to transients generated by the operation of 
solenoids and control relays. Circuits that are connected 
to, or are part of, circuits not within a protected building 
should be installed in a manner that will minimize 
exposure. 

6.2.2.2 Installation constraints 

When installation constraints result in a high degree 
of exposure to lightning or switching surges, supple- 
mentary protection such as spark gaps or^urge limiters 
should be considered. 

6.3 Electromagnetic Interference (EMI) and 
Electromagnetic Compatibility (EMC) 

Manufacturers shall design and test their equipment 
to ensure that EMI limits are not exceeded, and users 
shall design and test locations (environments) to ensure 
that EMC limits are not exceeded and should be in 
conformance with IEC 60870-2-1 for minimum level 2 
requirements. 

Computer and microcomputer-based equipment are 
expected to perform their intended functions in 
substations even when exposed to transient 
electromagnetic interference. The user should be aware 
of EMI in control rooms/substations, metering stations, 
etc and either specify the EMI level for guaranteeing 
proper operation or accept the risk of misoperation in 
the presence of EMI. 

6.3.1 EMI Limits 

Control and data acquisition equipment shall not 
generate radiated emissions in excess of (1 V/m)/MHz 
as measured 1 m from the enclosure. Manufacturers 
shall mechanically and electrically design equipments 
for emission limits by employing attenuation 
techniques such as isolation, shielding, grounding, 
gasketing, filtering, and bonding. 

6.3.2 EMC Limits 

Control and data acquisition equipment shall be 
capable of operating in radiated fields as specified by 
the user. Information available to date indicates that 
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the average field strength may run in the order of 
(1 V/m)/MHz. The specified value of (1 V/M)/MHz 
refers to broadband radiated fields due to station 
environment, resulting from such things as corona and 
switching transients. This requirement is not intended 
to cover narrowband radiated field sources such as 
electronic test equipment or portable radio transmitters 
(walkie-talkies). Where such equipment may be used, 
the field strength is properly expressed as volts per 
meter at a specified frequency, and different EMC 
limits may be required. 

7 CHARACTERISTICS 

This clause defines and discusses general 
characteristics that are required of the control and data 
acquisition equipment. These characteristics include 
reliability, maintainability, availability, security, 
expandability, and changeability. 

7.1 Reliability 

Mathematically, reliability is the probability that a unit 
or system will perform its intended function under 
specified conditions during a specified period of time. 
For complex equipment, failures will occur on the 
average at a constant rate throughout the useful life of 
the equipment. This allows the manufacturer to char- 
acterize equipment reliability with a simple figure of 
merit called mean-time-between-failure (MTBF). 

The exceptions to this constant failure rate are a higher, 
decreasing failure rate, early in the equipment's life, 
called 'infant mortality', and a higher, increasing 
failure rate, thatsignals the onset of 'end-of-life'. These 
phenomena give a typical plot of failure rate versus 
time, a shape known as a 'bathtub curve'. 

The failure modes of equipment, and the effects of these 
failures shall be formally analyzed by the supplier. The 
results of these failure modes and effect analysis 
(FMEA) shall be available for review upon request. 

Failure distribution versus time data for equipment 
while in the possession of the supplier, and for those 
field units for which data are available from the users, 
shall be documented and available upon request. 

7.2 Maintainability 

Control and data acquisition equipment shall be 
maintainable on-site by trained personnel according 
to the maintenance strategy specified by the user. 
Requirements for training, documentation, spares, etc, 
shall take the user's organization and geography into 
account. 

The most common repair strategy is for the supplier to 
train the user's personnel to identify and replace failed 
modules on-site from the user's stock of spare modules. 



These may then be either returned to the supplier for 
repair or repaired to the component level at the user's 
maintenance facility. If on-site service by the supplier 
is necessary, it is most likely to be required for failures 
of complex computer equipment. 

The supplier shall, upon request, be required to provide 
as part of the system proposal, a list of test equipment 
and quantities of spare parts calculated to be necessary 
to meet the specified availability and maintainability 
requirements. In establishing the quantities of spare 
parts, the supplier shall consider the time required to 
return a failed component (field and/or factory service) 
to a serviceable condition. 

The maintainability of equipment is reflected in a figure 
of merit called mean-time-to-repair (MTTR). The 
MTTR values used in the supplier's availability 
computations shall be based to the maximum extent 
possible upon maintenance experience. 

MTTR is the sum of administrative, transport, and 
repair time. Administrative time is the time interval 
between detection of a failure and a call for service. 
Transport time is the time interval between the call for 
service and on-site arrival of a technician and the 
necessary replacement parts. Repair time is the time 
required by a trained technician, having the 
replacement parts and the recommended test equipment 
on-site, to restore nominal operation of the failed 
equipment. 

Unless otherwise specified by the user, the following 
values shall be used in availability calculations: 

Administrative time 0.0 h 
Transport time 0.5 h 

7.3 Availability 

Availability is defined in the following as the ratio of 
uptime to total time (uptime + downtime): 

A = uptime/(uptime + downtime) 

and is normally expressed as a percent (of total time). 

Downtime normally includes corrective and preventive 
maintenance. When system expansion activities 
compromise the user's ability to operate device via the 
system, this may also be included in downtime. 

Typical availabilities achievable by non-redundant 
commercial grade equipment range from 99.99 
percent, for simple devices, to approximately 97 
percent for complex, computer-based sub-systems. 
Proper use of redundant configurations with automatic 
fail over can provide an overall availability of primary 
system functions of 99.9 percent. 

The availability level required, and the planned 
maintenance strategy, shall be specified by the user, 
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requiring suppliers to provide supporting predicted 
availability calculations in their proposals. 

An availability test of from 30 to 90 days is often 
specified prior to acceptance of a system. Operating 
and maintenance records shall be kept and used to 
prove the predicted, and to support the achieved 
availability computations (see 9.6). 

For design analysis, and to determine the prediction 
of availability for sub-assemblies and units, the follow- 
ing equation utilizing MTBF and MTTR shall be used: 

A p = MTBF/(MTBF + MTTR) 

where A p is predicted availability. 

Equations for modeling complex designs shall be 
formulated by the supplier. Use of the equations 
associated with parallel redundant components (or sub- 
systems) are valid under the following conditions: 

a) Failure of parallel elements are independent. 
Component failures do not propagate failures 
of other components. 

b) Sufficient repair turnaround and standby 
replacement parts are available to handle 
multiple simultaneous failures. 

The impact of the outage of each system element or 
function on the availability of the total system shall be 
mutually agreed upon between the user and the 
supplier. 

Availability test results shall be calculated separately 
for major system components (for example, Server 
system versus RTUs). Since these components may 
have a varying impact on the usefulness of the system 
as a whole, different definitions of downtime are 
applicable. 

Major component downtime shall be defined to reflect 
the proportional significance of the equipment that is 
down. For example, downtime for the data acquisition 
system could be defined as the sum of the downtime 
for all RTUs divided by the total number of RTUs. At 
the master station, downtime should not include 
malfunctions in peripheral devices that do not detract 
from the functional capabilities of the master station 
as a whole (for example, printers and tape units). 

7.4 System Security 

System security (of operation) is defined as the ability 
to recognize an inappropriate or undesirable operation 
or condition in such a fashion that causes an appropriate 
alarm, a non-operation, or both. 

Security of operation considerations are divided into 
the following three areas: 

a) Operating practice and procedures, 



b) Communication security, and 

c) Hardware and software design. 

7.4.1 Operations Security Features 

Security features comprising operating practice and 
procedures include the use of function and operating 
checks (manual and/or automatic). Function and 
operating checks may include: 

a) Analog reference points (0 and 90 percent), 

b) Control function check (loop-back), 

c) Scan function check (loop-back), 

d) Poll function check, 

e) Logging function check, 

f) Queue overflow alarms, 

g) Diagnostic aids, 

h) Calibration checks, 

j) Logging of all operator actions, including 

whether the equipment completed the 

requested action, 
k) Tagging of out-of-service control points at the 

user interface, and 
m) Use of an RTU local/remote switch, with 

feedback to a status point, to disable all 

control actuators while an RTU is being 

serviced. 

Equipment designed for remote control of valve shall 
use both a select-before-execute user interface (UI) 
sequence and a checkback-before-operate communication 
sequence for control operations. 

The UI sequence shall provide visual feedback of the 
selection to the user, so the user can verify that the 
system has interpreted the selection correctly before 
executing the control function. 

The communication sequence checkback message shall 
be derived from the RTU's point selection hardware, 
and not be just a simple echoing of the received select 
message. This allows the master station to verify not 
only that the communication was error free, but also 
that the RTU's I/O hardware and software acted cor- 
rectly in interpreting the selection. 

In order to provide maximum security against random 
channel noise being interpreted as a select/execute 
sequence at an RTU, the following safeguards should 
be incorporated: 

a) The communications protocol shall have a 
very effective redundancy check code (this 
is necessary, but not sufficient, security); 

b) There shall be a relatively short timeout 
between the select and operate steps; 

c) The next master station message following the 
select shall be the execute; 
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d) The complete point identification shall be 
contained in the select, checkback, and 
execute messages, which shall be fully 
compared before the control operation is 
executed; 

e) If any of the above checks fail, the control 
sequence shall be re-set immediately, and a 
new select message shall be required to restart 
it; and 

f) Both the master station and RTU shall enforce 
the above rules. 

The communication checkback sequence may be 
performed either concurrently with the control 
selection sequence at the UI, or after the selection 
sequence has been completed. When performed 
concurrently, the selection of a point for control shall 
cause the select message to be transmitted to the RTU. 
Upon successful receipt, the RTU shall arm itself for 
control, generate the checkback message, and transmit 
it back to the master station. A valid checkback 
message shall result in visual selection feedback to the 
user, who can then choose to either execute or cancel 
the control function. 

This type of operation requires a longer select/execute 
timeout at the RTU, and will either violate the execute- 
next rule, or will stop scanning on that channel until 
the user responds with an execution or cancellation. 

When the UI sequence and communication sequence 
are performed sequentially, the selection of a point for 
control should cause the master station to display a 
visual indication of that selection for verification. 

In this type of operation, the user's verification of 
selection does not come from the RTU, but all other 
security features may be fully implemented. 

The user may then execute the control function. Status 
and data scanning should then be interrupted, and a 
select message sent to the RTU. 

The RTU shall then arm the control function and return 
a checkback message. The checkback message shall 
be checked by the master station, and an execute 
message sent automatically to the RTU. If this execute 
message is received as valid, the RTU shall execute 
the command and return an acknowledgment that the 
function has been performed. 

7.4.2 Communication Message Security 
Communication security features include: 

a) The design goal that an error in a message shall 
not result in a critical failure of the system. 

b) Alarming the failure of an RTU to respond to 
a message within a specified number of 
automatic retries. 



c) Ensuring that communication channel error 
control, in concert with the communication 
protocol and line discipline, reduce the 
probability of acceptance of messages 
received with error rate to less than 1 0" n when 
the channel bit error rate is 10"*. 

d) Verification of the proper operation of 
communication channels on a regular basis. 

e) Counting, and periodically logging, 
communication errors on aper-channel basis. 

f) Ensuring that no two RTUs with the same 
address share the same party line or switched 
communication channel. 

g) Ensuring that each RTU communication 
channel(s) supports only one communication 
protocol. 

7.4.3 Hardware/Software Security Features 

Security features comprising hardware and software 
design include the following: 

a) Power supply protection — over current, 
over/under voltage, 

b) Automatic initialization and restart, 

c) Equipment self-check with alarm, 

d) Watchdog timer(s) with alarm, 

e) Automatic failover with alarm, 

f) Fail-safe operation, and 

g) Non-volatile station address retention in 
RTUs. 

7.5 Expandability 

Expandability is the ease with which new RTU, new 
points and/or functions, or both, can be added to the 
system, and the amount of downtime required. 

Expansion point types are defined as spare point, wired 
point, and space-only. Spare point equipment is 
equipment that is not being utilized but is fully wired 
and equipped. Wired point is the capacity for which 
all common equipment, wiring, and space are provided, 
but no plug-in point hardware is provided. Space-only 
point is the capacity for which cabinet-space-only is 
provided for future addition of equipment and wiring. 

Expandability limitations may include, but are not 
restricted to, the following: 

a) Available physical space; 

b) Power supply capacity; 

c) Heat dissipation; 

d) Processor throughput and number of 
processors; 

e) Memory capacity of all types; 

f) Point limits of hardware, software, or protocol; 
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g) Bus length, loading, and traffic; 

h) Limitations on routines, addresses, labels, or 
buffers; and 

j) Unacceptable extension of scan times by 
increased data (given bit rate and protocol 
efficiency). 

7.6 Changeability 

Changeability is defined as the ease with which system, 
RTU, and point data base parameters may be changed 
at both the master station and RTU. Parameters that 
shall be easy to change include the following: 

a) Operating parameters, and 

b) Configuration and setup parameters. 

The supplier's documentation (see 10.3.2) shall 
contain the step-by-step process as given in 7.6.1 
to 7.6.3. 

7.6.1 Operating Parameters ■ 

Operating parameters must be easily changed by the 
system user. They include, but are not limited to the 
following: 

a) RTU on/off-scan, 

b) Point on/off scan, 

c) Point tags on/off, 

d) Manually entered values, 

e) Point alarm limits, 

f) Point deadband values, and 

g) IED parameters. 

7.6.2 Configuration and Setup Parameters 

Configuration and setup parameters must be easily 
changed by an authorized system engineer, but shall 
be protected against being changed by the users. They 
include the following: 

a) Configuration password, 

b) Major/minor alarm conditions and actions, 

c) User-definable calculations, 

d) Definition of a new RTU, 

e) Communication port and/or station address 
assignments of RTUs, 

Addition and/o.r rearrangement of an RTU's 
points, 

g) Correspondence of status points to control 
points, 

h) Point and state descriptions, for presentation 

to the system user, 
j) Point scaling factors, for conversion of data 

to engineering units, and 

k) Output relay dwell times. 



7.6.3 Changeability Limitations 

Changeability limitations may result from, but are not 
limited to the following: 

a) Inability to make master station and RTU data 
base changes on-line from the master station, 

b) Storage of parameters in memory (for 
example ROM) that is not modifiable in- 
circuit, 

c) Restrictions caused by data base structure, 

d) Hardware/software compatibility, 

e) Hardware limitations, 

f) Software operating system limitations, and 

g) Restrictions caused by use of IEDs. 

7.7 Spare Capacity 

Spare capacity is defined as the additional capacity that 
can be added to the master station. 

7.7.1 Main Memory 

A requirement of no less than 50 percent unused main 
memory initially will allow enough expansion for new 
functions, enhancement of existing functions, and 
growth of the power system and the equipment that 
needs to be monitored. Computer documentation shall 
also be consulted to determine how much main 
memory capacity can be expanded over and above the 
capacity initially installed. As a minimum, it shall be 
possible to double the initial capacity with the addition 
of memory modules. 

7.7.2 Auxiliary Memory 

A requirement of no less than 50 percent spare disk 
capacity initially will allow for moderate expansion. 
Computer documentation shall also be consulted to 
determine how much disk capacity can be expanded 
over and above the capacity initially installed. As a 
minimum, it shall be possible to double the initial 
capacity with the addition of disk units. 

8 MARKING 

The control and data acquisition equipment and major 
sub-assemblies shall be suitably marked as necessary 
for safety and identification. 

8.1 Identification 

Each type of equipment shall be identified so that it 
can be easily correlated with the documentation. The 
means of identification shall be uniform throughout 
the system, and it may include colour coding, labelling, 
and part number. The identification mark shall be 
permanently affixed to the part that it identifies. 
Consideration shall be given to using bar code labels 
to identify the equipment and sub-assemblies. 
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8.2 Nameplates 

Each separate unit of the system shall be furnished with 
nameplates bearing relevant information. 

"Nameplates shall be legible at a distance of 
approximately 1 m. 

8.3 Warning 

Warning signs or safety instructions shall be applied 
where there is a need for general instructions relative 
to safety measures (for example, supply circuit). 

9 TESTS AND INSPECTIONS 

The purpose of this clause is to describe the tests and 
inspections recommended to ensure that control and 
data acquisition equipment will perform reliably and 
correctly according to the user's technical specifica- 
tions. Users shall specify all tests to be performed. Test 
requirements shall cover, as a minimum, all critical 
portions of the specification, especially functional and 
design requirements. Tests shall be required to be 
conducted by user and supplier. Test results and all 
deviations from test plans shall be required to be 
documented. 

9.1 Stages of Tests and Inspection 

The test and inspection process requires that various 
functions of the equipment be tested or verified during 
one or more stages in the production and installation 
cycle of the equipment. These stages and appropriate 
tests are illustrated in Table 2. 

Across the top of the table are shown the four major 
classes of tests and inspections, being interface, envi- 
ronmental, functional, and performance. The three 
stages of testing and inspections, being certified design, 
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factory and field, are shown along the left-hand edge 
of the table. The specific tests and inspections in each 
class are listed in the body of the table, below the class 
heading. Tests listed without notation are recom- 
mended for all applications at the stage they can be 
most economically performed. 

Tests marked with an asterisk are optional and are 
performed only when specified by the user. Certified 
design tests on equipment can be accepted at the user's 
discretion. 

9.1.1 Certified Design Tests 

These are tests performed by the supplier on specimens 
of a generic type of production model equipment to 
establish conformance with its design standard. The 
conditions and results of these tests shall be fully docu- 
mented and certified. 

9.1.2 Factory Tests and Inspections 

This stage includes the inspection and approval of 
interface drawings prior to fabrication of the equipment 
and all functional tests and inspections performed on 
the actual equipment to be supplied to the user prior to 
the shipment of that equipment from the supplier's 
facilities. The factory tests shall be a highly structured 
procedure designed to demonstrate, as completely as 
possible, that the equipment will perform correctly and 
reliably in its intended application. Factory tests may 
also include tests to verify some or all of the results of 
the certified design tests. 

9.1.3 Field Tests and Inspections 

Field tests and inspections are performed on the 
equipment after it has been shipped from the supplier's 
facilities. These include pre-installation inspections and 



Table 2 Test Stages and Classes of Tests 

(Clause 9 A) 



SI Test Stages 




Classes of Tests 




No. 






-~~ 






Interface Tests 


Environmental Tests 


Functional Tests 


Performance Tests 




and Inspections 


and Inspections 


and Inspections 


and Inspections 


(1) (2) 


(3) 


(4) 


(5) 


(6) 


i) Certified design tests 


Power input* 


Temperature Humidity 


— 


— 


ii) Factory tests and 


Mechanical power 


Temperature* 


I/O point checkout 


Loading 


inspections 


source* 


Humidity* 


Communications 


Data acquisition control 






Dust* 


User interface 
Special functions 


User interface 

Computer and disk stability* 

Maintainability* 

Expandability* 


iii) Field tests and 


— 


— 


I/O point checkout 


Availability* 


inspections 






Communications 

User interface 






only when specified by the user. 


Special functions 




* Optional tests performed 
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tests to ensure the equipment has not been damaged 
during shipment and post-installation tests to verify 
the equipment performs its functions reliably and 
correctly. 

9.2 Interface Tests and Inspections 

These tests are designed to demonstrate that the various 
mechanical and electrical interfaces to the equipment 
are in accordance with applicable portions of 5, 
together with other applicable parameters called out 
in the user's specifications. For the most part, these 
interface parameters can either be demonstrated dur- 
ing factory tests or accepted on the basis of certified 
design tests. 

9.2.1 Mechanical 

Mechanical characteristics (for example materials, 
workmanship, dimensions, fabrication techniques, and 
finishes) shall be verified through visual inspections 
and comparisons with applicable drawings. 

9.2.2 Electrical 

These tests include all those to be performed on electrical 
interfaces to the equipment, with the exception of those 
related to the functional performance of the equipment. 

9.2.2.1 Power source 

The equipment shall be tested to demonstrate the proper 
operation of the equipment throughout the range of 
specified power source parameters. 

9.3 Environmental Tests 

These tests are designed to demonstrate that the 
equipment will perform correctly and reliably while 
exposed to the applicable environmental parameters 
described in 6, together with other applicable 
parameters called out in the user's specifications. The 
results of certified design tests are usually sufficient 
to demonstrate that the equipment will operate reliably 
and correctly within a specified environment. The user 
may require the supplier to perform factory tests on 
the equipment to demonstrate that it will indeed 
perform correctly under the specified environmental 
conditions. Equipment in environmental tests should 
be operating with realistic inputs and outputs. 

The environmental parameters and testing 
requirements specified by the user should be limited 
to the worst case conditions that can be realistically 
anticipated in the location where the equipment will 
ultimately be installed. Refer IS 9000 series or IEC 
60068 series for various environmental tests. 

9.3.1 Physical 

The equipment shall be tested to verify that it operates 



correctly in the following physical environments 
described in 9.3.1.1 to 9.3.1.3. 

9.3.1.1 Temperature 

To test the equipment within the specified temperature 
range {see 6.1.1), it shall be placed in an environmen- 
tal test chamber where it can be operated for a specified 
period at both the low and high ends of the range, and 
cycled between them. Calibration and accuracy checks 
shall be made throughout the range. 

9.3.1.2 Humidity 

Humidity tests (without condensation) shall be 
performed in conjunction with the temperature test 
{see 9.3.1.1). Humidity test data shall include the 
humidity ranges tested at each temperature. 

9.3.1.3 Dust 

Testing shall consist of inspection to determine whether 
or not the equipment is properly sealed to prevent 
intrusion of dust. 

9.4 Functional Tests 

Functional tests shall be designed to ensure that the 
equipment performs its functions reliably and correctly. 
They are performed during the factory, or field test 
stages, or both. Preliminary testing should be 
performed by the supplier before verification by the 
user. For many applications and types of equipment, 
successful factory tests will be a sufficient basis for 
acceptance of the system by the user. For more complex 
applications or systems, additional tests in the field 
may be required to fully verify correct and reliable 
performance. 

The following functional tests should be carried out: 

a) Interface of RTUs with IEDs; 

b) Database and alarms validation; 

c) Remote workstation testing; 

d) Checking of various reports, archiving and 
trending functions; 

e) Clock synchronization between the nodes of 
master station and RTUs; and 

f) Security/Passwords testing. 

9.4.1 I/O Equipment Checkout 

All I/O equipment to be supplied shall be tested during 
factory tests to demonstrate that it performs its 
functions correctly, accurately, and reliably. These tests 
shall be performed with equipment that simulates the 
actual equipment to be monitored or controlled. 

9.4.2 Communication 

The communication tests shall demonstrate proper 
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operation of all aspects of the equipment's 
communication capability, including modems, security 
checking, and message protocols. The data modems 
or signalling equipment shall be exercised to verify 
that they operate correctly and reliably on the type of 
channel for which they are designed. The tests shall 
be conducted under conditions that duplicate as closely 
as possible the specifications for the channel including 
simulated channel noise, communication failures, 
and recovery. Provisions shall be made to log 
communication outages and update communication 
statistic displays where these features are provided. 

The communication tests shall exercise all message 
protocols and formats to which the equipment is 
designed to respond. The tests shall also demonstrate 
that any error detection or correction capabilities func- 
tion properly and that the equipment does not respond 
to erroneous commands. 

9.4.3 User Interface (UI) 

Comprehensive user interface tests shall be performed 
to verify the correct functional operation of all user 
interface hardware and software. All indications and 
displays shall be verified to ensure that they correlate 
with the correct I/O equipment, and all user controls 
shall be checked to ensure that they result in only the 
correct sequence of operations. 

9.4.4 Special Functions 

When the equipment supplied is to perform functions 
tailored expressly to the user's application (for example 
closed loop control), these functions shall be checked 
during the appropriate test stage. It is often necessary 
to perform these tests in the field, after the equipment 
has been adjusted to the parameters of the installation. 

9.5 System Performance Tests 

The performance of all critical parameters of the 
equipment (for example communication, peripherals, 
user interfaces, I/O processing, and CPU) shall be 
measured under various loading conditions or 
scenarios. System performance shall be measured as 
early in a project as possible to identify any system 
weaknesses. This will allow the user and supplier an 
opportunity to resolve problems in a timely manner. 

The loading scenarios shall simulate the following: 

a) Normal activity — initial system. 

b) Heavy activity {disturbance loading defined 
by user) — initial system. 

c) Normal activity — fully expanded system. 

d) Heavy activity {disturbance loading defined 
by user) — fully expanded system. 

e) Communications failures or high noise 



conditions such as high noise on an entire 

microwave system. 
Loading conditions should be determined by analyzing 
worst case conditions experienced by the user and the 
worst possible condition likely to happen in the future 
over the life of the system. Table 3 is provided as a 
guide. 

The measurements for performance assume that all 
functions of the system have been individually verified 
by functional tests and that the total system is ready to 
be evaluated. 

If actual system inputs are not available, they shall be 
simulated with special hardware or software. For a 
meaningful test, these inputs shall include the 
following: 

a) S imulated RTU inputs (alarm contacts, analog 
inputs, status input, etc). 

b) Simulated message data structures from the 
RTUs into the master station communication 
interfaces. 

c) Simulated data links to other computers, 
specifying the amount, type and frequency of 
data to be transferred. 

d) Simulated user interfaces such as wall mimic. 

e) Other simulated inputs. 

Table 3 System Performance Tests 15 
{Clause 9.5) 



SI No. Input 


Activity Cycle 


(1) (2) 


(3) 


i) Normal Activity 




Each user 
Status input 
Analog inputs 


1 display -request/minute 
1 percent changes/scan 
1 percent of all analogs 
change/scan 


ii) Heavy Activity 




Each user 

Status inputs 
Analog inputs 


4 display request/minute 
1 percent changes/scan 
25 percent of all analogs 
change/scan 


■> Values given are for example onlj 
user select values that represent the 
and operating procedures. 


'. It is recommended that the 
user's system characteristics 



Manual operation sequences to be performed during 
tests shall be described in detail to provide a repeatable 
test scenario and a way to measure improvements in 
performance (for example, five people requesting one- 
line diagrams and two people requesting menu displays 
simultaneously). Test steps should simulate all normal 
user operations. 

Response performance shall be measured in seconds. 
All measurements ^hall be recorded for analysis after 
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the tests. Software utility programmes are available from 
most system suppliers for finding CPU utilization and 
loading (for example, feature of the computer operating 
system or a separate programme available from 
computer manufacturer, or both) and if used by supplier 
the system loading of the programs shall be provided to 
user with proof. Automatic measurement of other test 
parameters can be done by special purpose software. 

9.5.1 Data Acquisition Performance 

Data acquisition sub-system performance measures the 
following: 

a) The time for a status change or analog change 
at the RTU to be displayed to the user at the 
master station (for example, monitor, logger 
or mimic). 

b) The time to query all RTUs on a per channel 
basis. 

A cyclic status point input of 2 or more times faster 
the system RTU scan rate can be used to detect a missed 
scan due to overloading. The status input simulator 
should be connected to an input of one RTU. The alarm 
associated with the toggled input shall appear on the 
logger with a time tag of approximately twice the scan 
rate. A system overload causing an extension of the 
scan cycle is obvious from the printout because one or 
more status changes is missed. 

9.5.2 Control Performance 

Control performance measures the elapsed time 
between a control request by a user at the master station 
and the control output contact closure at the RTU. This 
test shall also be performed in the field. The field test 
will provide realistic measurements, using user 
installed RTUs and communication facilities. 

9.5.3 User Interface Performance 

The user interface performance is a measure of the 
response time to satisfy user requests for information. 
To measure display response time, measure the time 
from the instant a request is made until the result of 
the request is completely displayed on a CRT screen, 
printed on a logger, or shown on a mimic panel. 
Different classes of displays (one-line diagrams, alarm 
summaries, menus, tabular, etc) may have different 
display response times due to the amount of data to be 
gathered and computations required before a display 
request can be completed. 

9.5.4 Computer and Disk Performance 

The computer and disk performance shall be checked 
using the supplied programmes from computer 
manufacturers to ascertain that CPU and Disk utilization 
is within acceptable limit as specified by user. 



9.5.4.1 Computer link response time 

Computer to computer link response times should be 
measured and evaluated during performance tests 
under varied loading conditions. 

9.5.4.2 Computer LANs utilization 

LANs that connect application computers together 
should be measured and evaluated during performance 
tests under varied loading conditions. 

9.5.4.3 Computer reconfiguration, power fail and 
restart tests 

On master stations with redundant equipment, 
reconfiguration tests should be performed to confirm 
the ability to failover from one CPU to another 
(reconfigure the real-time database) and to switch 
peripheral equipment to the primary system, the 
secondary system, or off-line (that is out-of-service). 

Power fail tests measure the time to recover from a 
complete or partial power failure until the system is 
fully operational. 

Because normal maintenance procedures and 
equipment failure cause downtime of the master 
station, restart tests are to assure the system will recover 
in a timely manner. Existing data shall consist of all 
scanned and manually entered data (that is pipeline 
system tags, manual overrides, limit changes, etc). 
Downtime of the system or parts of the system should 
be measured during these tests to confirm the length 
of these outages can be tolerated by the user. 

The time required to load a system from mass storage 
and initiate operation should be measured. This time 
should be less than the acceptable system outage time. 

9.6 Test Run 

The user shall require an availability test to be run after 
the system is installed and placed in operation (see 7.3). 
An availability test takes place over a specified length 
of time during which the equipment shall operate 
correctly and reliably for at least a specified percentage 
of that time. The length of the test shall be sufficient 
to verify that the equipment can be expected to perform 
its intended functions reliably and correctly over its 
intended lifetime. 

The availability test shall be run under conditions 
mutually agreeable to the user and supplier. In general, 
the supplier shall be responsible for making the 
necessary repairs. Downtime should not include delays 
over which the supplier has no control. 

This is followed by analyzing the number and types of 
failures, and their effects on system operation. The test 
time should be selected so that the total number of 
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device operating hours for each type of system-critical 
device is representative of the predicted MTBF for that 
device to obtain statistically significant failure data. 
Specific rules for accumulation of uptime, downtime, 
maintenance time, and administrative time shall be 
agreed upon before the test (see 7). 

9.7 Maintainability Test 

The user shall require a maintainability test to be run 
to evaluate the supplier's design, documentation, 
training, and recommended spare parts. Maintainability 
will directly affect the availability of the SCADA 
system and therefore the reliability of the system 
(see 1.2). Computer hardware maintenance and long- 
term repair support are difficult to evaluate without 
actual experience. Discussions with other utilities 
regarding their experience is one way to acquire a 
certain degree of knowledge about the maintainability 
of specific equipment and systems. 

Software, database, and display maintainability is also 
critical to the successful operation of a SCADA system. 
Tests to be witnessed should include the following: 

System generation tests (measure time to complete, 
and amount of manual intervention required) 

a) Database maintenance 

1) Adding an alarm point (time to make 
operational) should be demonstrated, 

2) Deleting or changing text on an alarm 
point should be demonstrated, and 

3) Changing an analog scale factor should 
be demonstrated. 

b) Display maintenance 

1 ) A new one-line diagram should be added 
and linked to the database (a specific 
example in the specification should be 
provided), and 

2) A line and new devices should be added 
to an existing one-line diagram including 
analogs, tags, etc. 

c) Equipment maintenance 

1) A monitor should be replaced, 

2) A modem should be replaced, and 

3) A disk drive should be replaced. 

9.8 Expandability Tests 

Expansion capability of a new system shall be analyzed 
(see 7.5). For example 

a) RTU I/O point expansion (both hardware and 
software changes required); 

b) Addition of RTUs; 

c) Master station expansion: 



1 ) Peripherals, diskspace, memory, 

2) CPU capacity (percent utilization), 

3) User interface (work station additions), 
and 

4) Database and display expansion. 

9.9 Documentation Verification 

The final phase of the testing programme is to verify 
that the documentation being supplied is an accurate 
description of the equipment, including all corrections 
resulting from the tests. Final issue of completed doc- 
umentation shall be provided as soon as practical after 
shipment and acceptance of the equipment. 

10 DOCUMENTATION 

The documentation for control and data acquisition 
equipment shall cover five basic areas as follows: 

a) Design, 

b) Installation, 

c) Operating instructions and records, 

d) Maintenance instructions and records, and 

e) Test (including QA & QC test plans). 

In general, all final documentation provided by a 
supplier shall reflect the actual equipment as accepted 
by the user, and all subsequent equipment changes shall 
be recorded as document revisions by the user. 

If users desire to have the information on reliability as 
described in 7, they shall collect information on failures 
and repairs for all subassemblies. This data on 
operating performance shall then be periodically 
provided to the supplier. 

Documentation described in 10.1 to 10.6 may be 
subject to user review or approval. Documentation may 
be structured in alternate fashion, but shall cover all 
five areas. The documentation may be supplied in one 
or more of several forms-printed, computer stored, or 
electronic media. In the latter case, the supplier shall 
either identify or supply the supporting word 
processing software used to prepare the documentation. 

10.1 Design Documentation 

Design documentation is the responsibility of the 
supplier. For example, expansion methods for adding 
points to hardware assemblies and software programmes 
or tables shall be described and illustrated. Block 
diagrams shall be included to describe control and data 
acquisition equipment and external equipment. Layout 
and wiring drawings shall also be included to define 
external interconnection needs at each facility. Text, 
photographs, and illustrative material shall accompany 
these drawings in sufficient detail so that functional 
performance and design may be readily understood. 
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For example, functional block diagrams and 
explanatory text shall be used to describe each major 
assembly and software programme contained in the 
equipment configuration. A document describing the 
communication process between the master station and 
the RTUs shall be provided. The supplier shall be 
responsible for providing outline drawings, mounting 
requirement details, customer connection details, 
environmental requirements, size, weight and any other 
information need for the user to prepare installation 
documentation. 

10.2 Installation Documentation 

Installation documentation is the responsibility of both 
the supplier and user and shall define the following: 

a) Electrical power, data, control, and 
communications interface wiring procedures; 

b) Floor, rack and shelf mounting, drilling, and 
bolting methods necessary to secure the 
equipment in place; 

c) Safety precautions or guards; 

d) Grounding and bonding procedures; 

e) Clearances for access and ventilation; 

f) Testing and alignment methods; 

g) Weather proofing, dustproofing, and other 
environmental procedures; and 

h) Other procedures needed to properly install 
the equipment. 

10.3 Operating Instructions and Records 

Instruction information shall be developed for 
operating personnel who use the control and data 
acquisition equipment. 

10.3.1 Supplier Operating Instructions 

The supplier shall publish instructional information 
defining the equipment and how it shall be operated. 
This instructional information shall consist of a general 
description of the equipment configuration provided 
and shall state its intended use and its major 
performance characteristics. Whenever a user interface 
such as a console, indicating/control panel, or printing 
device is involved, the operational documentation shall 
detail in step-by-step fashion the operational sequences 
required to use these interface devices. Adequate 
illustrative material shall be included to identify and 
locate all control and indicating devices. 

10.3.2 User operating instructions and records 

The equipment supplier shall publish operating 
procedures defining the system and include user 
detailed instructions and responsibilities. These user 
instructions shall be based on the supplier's 



instructional information and the nature of the system 
being monitored and controlled. Procedural 
instructions, that state routine and emergency 
procedures, safety precautions, and quantitative and 
qualitative limits to be observed in the starting, running, 
stopping, switching, and shutting down of control 
equipment, shall be included. Whenever operating 
procedures or adjustments are to be performed in a 
specific sequence, step-by-step instructions should be 
stated. 

10.3.3 Records 

Records shall be prepared by both operating and 
maintenance personnel to support the availability/ 
reliability calculation defined in 7.1 to 7.3. 

10.4 Maintenance Instructions and Records 

Maintenance documentation for personnel skilled at 
the electronic technician level shall be developed and 
provided by the supplier, and shall include the 
following information listed in 10.4.-1 to 10.4.4. 

10.4.1 Performance Information 

This information shall include a condensed description 
of how the equipment operates (derived from 10.1) 
and a block diagram illustrating each major assembly 
and software programme in the configuration. Message 
sequences, including data and security formats for each 
type of message, shall be included in the condensed 
description and illustrated whenever such messages are 
used between stations, or locally at a station. The 
operational sequence of major assemblies and 
programmes shall be described and illustrated by 
functional block diagrams. Detailed logic diagrams and 
flowcharts shall also be provided as necessary for 
troubleshooting analysis and field-repair actions. 

10.4.2 Preventive Maintenance Instructions 

These instructions shall include all applicable visual 
examinations, software and hardware test and 
diagnostic routines, and resultant adjustments 
necessary for periodic maintenance of control 
equipment. Instructions on how to load and use any 
test and diagnostic programme, and any special or 
standard test equipment shall be an integral part of these 
procedures. 

1 0.4.3 Corrective Maintenance Instructions 

These instructions shall include guides for locating 
malfunctions down to the spare parts replacement or 
field-repair level. These guides shall include adequate 
details for quickly and efficiently locating the cause 
of an equipment malfunction, and shall state the 
probable source(s) of trouble, thesymptoms, probable 
cause, and instructions for correcting the malfunction. 
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These guides shall explain how to use any on-line test 
and diagnostic program and any special test equipment 
if applicable. 

Corrective maintenance instructions shall also include 
explanations for the repair, adjustment, or replacement 
of all items. Schematic diagrams of electrical, 
mechanical, and electronic circuits; parts location illus- 
trations, or other methods of parts location information; 
and photographs, and exploded and sectional views 
giving details of mechanical assemblies shall be 
provided as necessary to repair or replace equipment. 
Information on the loading and use of special off-line 
diagnostic programmes, tools, and test equipment, and 
any cautions or warnings which shall be observed to 
protect personnel and equipment, shall also be included. 

10.4.4 Parts Information 

This information shall include the identification of each 
replaceable or field repairable module. Parts shall be 



identified on a list or drawing in sufficient detail for 
procurement of any repairable or replaceable part. 
These parts shall be identified by their industrial, 
generic part numbers, and shall have second source 
referencing whenever possible. 

10.5 Test Documentation 

Test documentation by the supplier shall consist of a 
system test plan, test procedures, and certified test 
reports on tests described in 9. The test plan shall state 
what equipment configuration will be tested, when it 
will be tested, which tests will be run, and who will 
conduct and witness the tests. The test procedures shall 
define the operating steps and expected results. The 
test report shall record all test results. 

10.6 Channel Loading Calculation 

The vendor should provide channel loading 
calculations. 



ANNEX A 

{Clause 2) 

LIST OF REFERRED STANDARDS 

SP 30 : 1985 National Electrical Code (NEC) 

IS 1885 (Part 50) : 1985 Electrotechnical vocabulary: Part 50 Telecontrol 

IS 1885 (Part 52) : 1980 Electrotechnical vocabulary: Part 52 Data processing 

IS 2309 : 1989 Code of practice for the protection of buildings and allied structures against lightning 

IS 3043 : 1987 Code of practice for earthing 

IS 9000 Series Basic environmental testing procedures for electronic and electrical items 

IS 10315 : 1997 7 bit coded character set for information interchange 

IS 12746 (Part 1/Sec 3) : 1993 Telecontrol equipment and systems: Part 1 General considerations, 
Section 3 Glossary 

IS 13947 (Part 1) : 1993 Specification for low-voltage switchgear and controlgear: Part 1 General rules 

IEC 60068 Series Environmental testing 

IEC 60870-2-1 (1995) Telecontrol equipment and systems — Part 2 : Operating conditions — Section 1 : Power 
supply and electromagnetic compatibility 

IEC 60870-5-101 (2003) Telecontrol equipment and systems — Part 5-101 : Transmission protocols — Companion 
standard for basic telecontrol tasks 

IEC 60870-5-104 (2000) Telecontrol equipment and systems — Part 5-104 : Transmission protocols — Network 
access for IEC 60870-5-101 using standard transport profiles 

IEEE Green Book Standard 142 : 1991 IEEE Recommended practices for grounding of industrial and commercial 

power systems 
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ANNEX B 

{Clause 4.1) 

MASTER STATION/RTU INTERCONNECTIONS 
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Fig. 8 Single Master Station, Single RTU 
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Fig. 9 Single Master Station, Multiple RTU(s), Radial Circuit 
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Fig. 10 Single Master Station, Multiple RTU(s), Party-Line Circuit 
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B-2 MULTIPLE MASTER STATIONS 
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Fig. 1 1 Dual Master Stations, Multiple RTU(s), Looped Party Line 
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Fig. 12 Dual Master Stations, Single Dual Ported RTU, Radial Circuit 
B-3 MULTIPLE MASTER STATIONS, MULTIPLE RTU(S) 
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Fig. 13 Dual Master Stations, Multiple RTU(s) [Single Ported RTU(s)] 
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Fig. 14 Dual Master Stations, Multiple RTU(s) 
[Dual Ported RTU(s)] 



B-4 COMBINATION SYSTEMS 
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Fig. 15 Single Master Station, Single Sub-master Station 
Multiple RTU(s) 
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NOTE — Sub-master stations could communicate with one another. 



Fig. 16 Single Master Station, Multiple Sub-master Stations 
Multiple RTU(s) 
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Fig. 17 Single Master Station, RTU(s) and End Station Link 
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